コード例 #1
 def setUp(self):
     """Create the fixtures shared by the tests in this case.

     Sets up a request factory, one ``RefreshIDToken`` middleware instance
     and a user created through ``User.objects.create_user``.
     """
     # Tuple assignment evaluates left to right, so both objects are still
     # constructed before the user is created.
     self.factory, self.middleware = RequestFactory(), RefreshIDToken()
     self.user = User.objects.create_user('example_username')
コード例 #2
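 def test_get_exempt_urls_setting_url_path(self):
     """Check ``get_exempt_urls()`` when an extra exemption is given as a URL path.

     The sorted result must be exactly the four paths listed below. Pinning
     the full list means an unexpected extra exempt path fails the test.
     """
     # NOTE(review): '/foo/' presumably comes from a settings override applied
     # outside this snippet (no decorator is visible here) -- confirm.
     middleware = RefreshIDToken()
     # assertEqual replaces the deprecated assertEquals alias, which was
     # removed in Python 3.12.
     self.assertEqual(
         sorted(middleware.get_exempt_urls()),
         [u'/authenticate/', u'/callback/', u'/foo/', u'/logout/'])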
コード例 #3
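class RefreshIDTokenMiddlewareTestCase(TestCase):
    """Tests for ``RefreshIDToken.process_request``.

    The first four tests cover requests for which the middleware returns a
    falsy value (no redirect). The last two cover an authenticated GET whose
    session has no ``oidc_id_token_expiration``, or an expired one, and check
    the redirect to the configured authorization endpoint.
    """

    def setUp(self):
        """Create the request factory, the middleware under test and a user."""
        self.factory = RequestFactory()
        self.middleware = RefreshIDToken()
        self.user = User.objects.create_user('example_username')

    def _assert_silent_renewal_redirect(self, response):
        """Assert *response* is the 302 redirect both renewal tests expect.

        Checks the status code, the endpoint URL and the full query string,
        including ``prompt=none`` and the state/nonce values.
        """
        self.assertEqual(response.status_code, 302)
        # partition() keeps everything after the first '?' as the query
        # string, where split('?') would fail to unpack on a second '?'.
        url, _, qs = response.url.partition('?')
        self.assertEqual(url, 'http://example.com/authorize')
        # state and nonce are equal here only because get_random_string is
        # patched to return a single constant in the calling tests.
        expected_query = {
            'response_type': ['code'],
            'redirect_uri': ['http://testserver/callback/'],
            'client_id': ['foo'],
            'nonce': ['examplestring'],
            'prompt': ['none'],
            'scope': ['openid'],
            'state': ['examplestring'],
        }
        self.assertEqual(expected_query, parse_qs(qs))

    def test_anonymous(self):
        """An anonymous GET gets no response from the middleware."""
        request = self.factory.get('/foo')
        request.user = AnonymousUser()
        response = self.middleware.process_request(request)
        self.assertFalse(response)

    def test_is_oidc_path(self):
        """A GET to '/oidc/callback/' gets no response from the middleware."""
        # NOTE(review): the request is anonymous, and test_anonymous shows an
        # anonymous GET is already passed through, so this may succeed without
        # exercising the path exemption itself -- confirm against the
        # middleware.
        request = self.factory.get('/oidc/callback/')
        request.user = AnonymousUser()
        response = self.middleware.process_request(request)
        self.assertFalse(response)

    def test_is_POST(self):
        """A POST gets no response from the middleware."""
        # NOTE(review): also anonymous, so the method check is presumably not
        # tested in isolation here -- confirm against the middleware.
        request = self.factory.post('/foo')
        request.user = AnonymousUser()
        response = self.middleware.process_request(request)
        self.assertFalse(response)

    def test_is_ajax(self):
        """An authenticated XMLHttpRequest GET gets no response."""
        request = self.factory.get('/foo',
                                   HTTP_X_REQUESTED_WITH='XMLHttpRequest')
        request.user = self.user

        response = self.middleware.process_request(request)
        self.assertFalse(response)

    @override_settings(
        OIDC_OP_AUTHORIZATION_ENDPOINT='http://example.com/authorize')
    @override_settings(OIDC_RP_CLIENT_ID='foo')
    @override_settings(OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=120)
    @patch('mozilla_django_oidc.middleware.get_random_string')
    def test_no_oidc_token_expiration_forces_renewal(self, mock_random_string):
        """An empty session makes an authenticated GET redirect for renewal."""
        # Patching the random-string helper makes state and nonce predictable.
        mock_random_string.return_value = 'examplestring'

        request = self.factory.get('/foo')
        request.user = self.user
        request.session = {}

        response = self.middleware.process_request(request)

        # NOTE(review): nothing here checks what the middleware writes into
        # request.session. Asserting that the generated state and nonce are
        # stored would cover the values a callback presumably has to verify
        # later -- confirm the key names against the middleware.
        self._assert_silent_renewal_redirect(response)

    @override_settings(
        OIDC_OP_AUTHORIZATION_ENDPOINT='http://example.com/authorize')
    @override_settings(OIDC_RP_CLIENT_ID='foo')
    @override_settings(OIDC_RENEW_ID_TOKEN_EXPIRY_SECONDS=120)
    @patch('mozilla_django_oidc.middleware.get_random_string')
    def test_expired_token_forces_renewal(self, mock_random_string):
        """An expiration ten seconds in the past forces the renewal redirect."""
        mock_random_string.return_value = 'examplestring'

        request = self.factory.get('/foo')
        request.user = self.user
        request.session = {'oidc_id_token_expiration': time.time() - 10}

        response = self.middleware.process_request(request)

        self._assert_silent_renewal_redirect(response)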
コード例 #4
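 def test_get_exempt_urls_setting_view_name(self):
     """Check ``get_exempt_urls()`` when an extra exemption is given as a view name.

     The sorted result must be exactly the four paths listed below, so the
     test fails if any other path ends up exempt.
     """
     # NOTE(review): '/mdo_fake_view/' presumably comes from a view name in a
     # settings override applied outside this snippet -- confirm.
     middleware = RefreshIDToken()
     # assertEqual replaces the deprecated assertEquals alias, which was
     # removed in Python 3.12.
     self.assertEqual(sorted(middleware.get_exempt_urls()), [
         u'/authenticate/', u'/callback/', u'/logout/', u'/mdo_fake_view/'
     ])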